[CERT-daily] Daily Summary - 21.02.2018

Daily end-of-shift report team at cert.at
Wed Feb 21 18:15:51 CET 2018


=====================
= End-of-Day report =
=====================

Timeframe:   Tuesday 20-02-2018 18:00 − Wednesday 21-02-2018 18:00
Handler:     Nina Bieringer
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ New Spectre/Meltdown Variants ∗∗∗
---------------------------------------------
Researchers have discovered new variants of Spectre and Meltdown. The software mitigations for Spectre and Meltdown seem to block these variants, although the eventual CPU fixes will have to be expanded to account for these new attacks.
---------------------------------------------
https://www.schneier.com/blog/archives/2018/02/new_spectremelt.html



=====================
=  Vulnerabilities  =
=====================

∗∗∗ ABB netCADOPS Web Application ∗∗∗
---------------------------------------------
This advisory contains mitigation details for an information exposure vulnerability in the ABB netCADOPS Web Application.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-18-051-01


∗∗∗ phpMyAdmin: A vulnerability allows a cross-site scripting attack ∗∗∗
---------------------------------------------
A remote attacker with simple authentication can exploit a vulnerability in phpMyAdmin to carry out a cross-site scripting (XSS) attack against themselves.
---------------------------------------------
https://portal.cert.dfn.de/adv/DFN-CERT-2018-0347/


∗∗∗ Mozillas executable installers: FUBAR ∗∗∗
---------------------------------------------
#1) "Firefox Installer.exe" (digitally signed 2018-01-28) 58.0.1
    is vulnerable to DLL hijacking
#2) "setup-stub.exe" extracted and executed by "Firefox Installer.exe"
    is vulnerable to DLL hijacking
#3) "Firefox Setup 52.6.0esr.exe" (digitally signed 2018-01-19)
    is vulnerable to DLL hijacking
#4) "setup.exe" extracted and executed by "Firefox Setup 52.6.0esr.exe"
    is vulnerable to DLL hijacking
---------------------------------------------
http://seclists.org/fulldisclosure/2018/Feb/58


∗∗∗ Security researcher recommends not using BitTorrent client uTorrent Web for now ∗∗∗
---------------------------------------------
Two uTorrent clients are vulnerable. Security patches exist, but apparently they are only partially effective.
---------------------------------------------
https://www.heise.de/meldung/Sicherheitsforscher-empfiehlt-BitTorrent-Client-uTorrent-Web-vorerst-nicht-zu-nutzen-3975222.html?wt_mc=rss.security.beitrag.atom


∗∗∗ Coldroot: macOS trojan apparently undetected for two years ∗∗∗
---------------------------------------------
A security researcher has discovered remote-access malware for Apple computers that is said to have been circulating since at least 2016.
---------------------------------------------
https://www.heise.de/meldung/Coldroot-macOS-Trojaner-offenbar-seit-zwei-Jahren-unentdeckt-3974864.html?wt_mc=rss.security.beitrag.atom


∗∗∗ Internet of Babies – When baby monitors fail to be smart ∗∗∗
---------------------------------------------
Baby monitors serve an important purpose in securing and monitoring our loved ones. An estimated 52k user accounts and video baby monitors are affected by a number of critical security vulnerabilities in "miSafes" video monitor products.
---------------------------------------------
https://www.sec-consult.com/en/blog/2018/02/internet-of-babies-when-baby-monitors-fail-to-be-smart/index.html


∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (libmspack), Debian (zziplib), Fedora (ca-certificates, firefox, freetype, golang, krb5, libreoffice, monit, patch, plasma-workspace, ruby, sox, tomcat, and zziplib), openSUSE (dovecot22, glibc, GraphicsMagick, libXcursor, mbedtls, p7zip, SDL_image, SDL2_image, sox, and transfig), Red Hat (chromium-browser), and Ubuntu (cups, libvirt, and qemu).
---------------------------------------------
https://lwn.net/Articles/747711/


∗∗∗ Cisco Unity Connection Mail Relay Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-cuc


∗∗∗ Cisco UCS Director and Cisco Integrated Management Controller Supervisor Cross-Site Request Forgery Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-ucsd


∗∗∗ Cisco Unified Communications Manager Reflected Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-ucm


∗∗∗ Cisco Unified Communications Domain Manager Remote Code Execution Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-ucdm


∗∗∗ Cisco Prime Service Catalog Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-psc


∗∗∗ Cisco Prime Collaboration Provisioning Tool User Provisioning Tab Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-pcpt1


∗∗∗ Cisco Prime Collaboration Provisioning Tool Web Portal Repeated Bad Login Attempts Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-pcpt


∗∗∗ Cisco Jabber Client Framework for Windows and Mac Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-jcf1


∗∗∗ Cisco Jabber Client Framework for Windows and Mac Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-jcf


∗∗∗ Cisco Elastic Services Controller Service Portal Unauthorized Access Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-esc1


∗∗∗ Cisco Elastic Services Controller Service Portal Authentication Bypass Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-esc


∗∗∗ Cisco Data Center Analytics Framework Cross-Site Request Forgery Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-dcaf1


∗∗∗ Cisco Data Center Analytics Framework Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-dcaf


∗∗∗ Cisco Unified Customer Voice Portal Interactive Voice Response Connection Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180221-cvp


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition ∗∗∗
---------------------------------------------
https://www.ibm.com/support/docview.wss?uid=swg22012965


∗∗∗ IBM Security Bulletin: IBM Maximo Asset Management is vulnerable to cross-site scripting (CVE-2018-1415) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22013796


∗∗∗ IBM Security Bulletin: IBM Maximo Asset Management is vulnerable to SQL injection (CVE-2018-1414) ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22013797


∗∗∗ IBM Security Bulletin: IBM b-type SAN switches and directors affected by XSS vulnerabilities CVE-2017-6225. ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=ssg1S1012113


∗∗∗ IBM Security Bulletin: Financial Transaction Manager for ACH Services has a potential input validation vulnerability (CVE-2018-1392) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22013249


∗∗∗ IBM Security Bulletin: Financial Transaction Manager for ACH Services has a potential Denial of Service (DOS) vulnerability (CVE-2018-1391) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22013247


∗∗∗ IBM Security Bulletin: Financial Transaction Manager for ACH Services and Corporate Payment Services has a potential XML External Entity vulnerability (CVE-2017-1758) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22012828


∗∗∗ IBM Security Bulletin: IBM Transformation Extender Advanced is Potentially Vulnerable to an XML External Entity (XXE) Injection in its REST API. ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=swg22013432


∗∗∗ IBM Security Bulletin: IBM API Connect is affected by Node.js tough-cookie module vulnerability to a denial of service (CVE-2016-1000232) ∗∗∗
---------------------------------------------
http://www.ibm.com/support/docview.wss?uid=swg22013088


∗∗∗ IBM Security Bulletin: IBM Systems Director (ISD) Storage Control is affected by vulnerabilities in IBM Websphere Application Server (WAS), OpenSSL and IBM Java Runtime ∗∗∗
---------------------------------------------
http://www-01.ibm.com/support/docview.wss?uid=isg3T1027035

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily



